Now CloudSEK data is being sold on one of the darknet forums for $10,000.
Indian information security company CloudSEK has reported that unknown hackers gained access to its Confluence server using stolen credentials from an employee's Jira account. While some inside information has been removed from the Confluence wiki, the company says the attackers were unable to compromise its databases. Internal and training documentation, Confluence pages, as well as open source automation scripts connected to Jira fell into the hands of cybercriminals.
In the screenshot above, sedut is trying to sell access to the CloudSEK network, Xvigil, codebase, corporate email, Jira, and the company's social media accounts.
As evidence, the attackers leaked images containing valuable information about CloudSEK to the network:
Logins and passwords of accounts used to hack the Breached and XSS forums;
Instructions for using web crawlers;
Cybercriminals are trying to sell the CloudSEK database for $10,000 and the codebase and employee documentation for $8,000.
The company suspects another cybersecurity company of the deed. The circle of suspects has already narrowed, as the director of CloudSEK said in his message. He claims that a dark web monitoring company is behind the hack, as evidenced by the techniques and tactics used by the attackers during the attack.
Comments 0